admin Is Not a Secure Drupal Username

If an attacker obtains a valid username or password utilized within your Drupal-based website, then he is that much closer to breaking in and potentially wreaking havoc. Thus, it is bad security practice to ever use an obvious username — and the most obvious one of all is "admin". Even worse, it is most commonly chosen for administrator accounts, and even for the superuser (user/1). "admin" is fine as the name of a role, but not as the name of a user.